|
Family: CGI abuses : XSS --> Category: infos
Horde 3.0 XSS Vulnerability Scan
Vulnerability Scan Summary Checks for XSS flaws in Horde 3.0
Detailed Explanation for this Vulnerability Test
The target is running at least one instance of Horde version 3.0,
which suffers from two cross site scripting vulnerabilities.
Through specially crafted GET requests to the remote host, a possible hacker
can cause a third party user to unknowingly run arbitrary Javascript code.
For more information, see :
http://www.hyperdose.com/advisories/H2005-01.txt
Solution : Upgrade to Horde version 3.0.1 or later.
Threat Level: Low
Click HERE for more information and discussions on this network vulnerability scan.
|